Security Advisory

CVE-2005-2119

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2005-10-11 04:00:00

Last updated 2024-08-07 22:15:37

Assigner microsoft

State PUBLISHED

Description

The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer.

← Browse all CVEs View on cve.org ↗